(cxf) branch dependabot/maven/jakarta.mail-jakarta.mail-api-2.1.3 created (now ebc77732f0)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/jakarta.mail-jakarta.mail-api-2.1.3 in repository https://gitbox.apache.org/repos/asf/cxf.git at ebc77732f0 Bump jakarta.mail:jakarta.mail-api from 2.1.2 to 2.1.3 No new revisions were added by this update.
Nexus: Staging Repository Dropped
Message from: https://repository.apache.orgDescription:mvn release:perform failed in the middle, need to start it over againDeployer properties:"userAgent" = "Apache-Maven/3.9.4 (Java 17; Mac OS X 13.2.1)""userId" = "ffang""ip" = "72.140.132.204"Details:The orgapachecxf-1195 staging repository has been dropped.Action performed by Freeman Yue Fang (ffang)
(cxf) annotated tag cxf-4.0.4 created (now 1a9b73469e)
This is an automated email from the ASF dual-hosted git repository. ffang pushed a change to annotated tag cxf-4.0.4 in repository https://gitbox.apache.org/repos/asf/cxf.git at 1a9b73469e (tag) tagging f88b9bf2bc5121a8b8ed0629ff7685c2b1b447a1 (commit) replaces cxf-4.0.3 by Freeman Fang on Tue Mar 5 14:59:41 2024 -0500 - Log - [maven-release-plugin] copy for tag cxf-4.0.4 --- No new revisions were added by this update.
(cxf) branch main updated: make release preparation goals configurable
This is an automated email from the ASF dual-hosted git repository. ffang pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/cxf.git The following commit(s) were added to refs/heads/main by this push: new 9730f744e6 make release preparation goals configurable 9730f744e6 is described below commit 9730f744e655d4c9ec2011876d287875d4a7e285 Author: Freeman Fang AuthorDate: Tue Mar 5 14:00:50 2024 -0500 make release preparation goals configurable --- pom.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 515cc73b9c..6de8883129 100644 --- a/pom.xml +++ b/pom.xml @@ -46,6 +46,7 @@ UTF-8 scp://people.apache.org/www/cxf.apache.org/maven-site 9.0.9 +clean install @@ -456,7 +457,7 @@ 3.0.1 false -clean install + ${preparationGoals} deploy -Prelease,deploy true
(cxf) branch main updated: remove SNAPSHOT version
This is an automated email from the ASF dual-hosted git repository. ffang pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/cxf.git The following commit(s) were added to refs/heads/main by this push: new 7a503ee7c7 remove SNAPSHOT version 7a503ee7c7 is described below commit 7a503ee7c7a9cdb3068930a24f9f2b1dd4992825 Author: Freeman Fang AuthorDate: Tue Mar 5 10:24:55 2024 -0500 remove SNAPSHOT version --- rt/ws/security/pom.xml | 1 - 1 file changed, 1 deletion(-) diff --git a/rt/ws/security/pom.xml b/rt/ws/security/pom.xml index 1279ef0ff1..535e3dc289 100644 --- a/rt/ws/security/pom.xml +++ b/rt/ws/security/pom.xml @@ -114,7 +114,6 @@ org.apache.wss4j wss4j-policy -3.0.3-SNAPSHOT org.codehaus.woodstox
(cxf) branch main updated: Update release notes for 4.0.4
This is an automated email from the ASF dual-hosted git repository. ffang pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/cxf.git The following commit(s) were added to refs/heads/main by this push: new bd1d7aef9a Update release notes for 4.0.4 bd1d7aef9a is described below commit bd1d7aef9a66b19ae04db0d355273c49dee29cdd Author: Freeman Fang AuthorDate: Tue Mar 5 08:59:40 2024 -0500 Update release notes for 4.0.4 --- distribution/src/main/release/release_notes.txt | 97 ++--- 1 file changed, 39 insertions(+), 58 deletions(-) diff --git a/distribution/src/main/release/release_notes.txt b/distribution/src/main/release/release_notes.txt index 49bd7a522a..cb09902bbf 100644 --- a/distribution/src/main/release/release_notes.txt +++ b/distribution/src/main/release/release_notes.txt @@ -1,4 +1,4 @@ -Apache CXF 4.0.3 Release Notes +Apache CXF 4.0.4 Release Notes 1. Overview @@ -21,7 +21,7 @@ for further information and requirements for upgrading from earlier versions of CXF. -4.0.3 fixes over 54 JIRA issues reported by users and the community. +4.0.4 fixes over 28 JIRA issues reported by users and the community. 2. Installation Prerequisites @@ -63,67 +63,48 @@ for caveats when upgrading. 7. Specific issues, features, and improvements fixed in this version -** Sub-task -* [CXF-8842] - Get rid of EasyMock in cxf-core -* [CXF-8843] - Get rid of EasyMock in cxf-integration-jca -* [CXF-8844] - Get rid of EasyMock in cxf-rt-bindings-coloc -* [CXF-8845] - Get rid of EasyMock in cxf-rt-bindings-corba -* [CXF-8846] - Get rid of EasyMock in cxf-rt-bindings-soap -* [CXF-8847] - Get rid of EasyMock in cxf-rt-databinding-aegis -* [CXF-8848] - Get rid of EasyMock in cxf-rt-databinding-jaxb -* [CXF-8849] - Get rid of EasyMock in cxf-rt-features-clustering -* [CXF-8850] - Get rid of EasyMock in cxf-rt-features-logging -* [CXF-8851] - Get rid of EasyMock in cxf-rt-features-throttling -* [CXF-8852] - Get rid of EasyMock in cxf-services-xkms-x509-repo-ldap -* [CXF-8853] - Get rid of EasyMock in cxf-services-xkms-x509-handlers -* [CXF-8854] - Get rid of EasyMock in cxf-rt-wsdl -* [CXF-8855] - Get rid of EasyMock in cxf-rt-ws-transfer -* [CXF-8856] - Get rid of EasyMock in cxf-rt-frontend-jaxrs -* [CXF-8857] - Get rid of EasyMock in cxf-rt-frontend-jaxws -* [CXF-8858] - Get rid of EasyMock in cxf-rt-frontend-js -* [CXF-8859] - Get rid of EasyMock in cxf-rt-ws-security -* [CXF-8860] - Get rid of EasyMock in cxf-rt-ws-rm -* [CXF-8861] - Get rid of EasyMock in cxf-rt-ws-policy -* [CXF-8862] - Get rid of EasyMock in cxf-rt-ws-addr -* [CXF-8863] - Get rid of EasyMock in cxf-rt-transports-websocket -* [CXF-8864] - Get rid of EasyMock in cxf-rt-transports-jms -* [CXF-8865] - Get rid of EasyMock in cxf-rt-management -* [CXF-8866] - Get rid of EasyMock in cxf-rt-rs-service-description -* [CXF-8867] - Get rid of EasyMock in cxf-rt-rs-client -* [CXF-8868] - Get rid of EasyMock in cxf-rt-rs-extension-providers -* [CXF-8869] - Get rid of EasyMock in cxf-rt-rs-extension-search -* [CXF-8870] - Get rid of EasyMock in cxf-rt-transports-http-undertow -* [CXF-8871] - Get rid of EasyMock in cxf-rt-rs-mp-client -* [CXF-8872] - Get rid of EasyMock in cxf-rt-rs-security-oauth2 -* [CXF-8873] - Get rid of EasyMock in cxf-rt-rs-security-oauth2-saml -* [CXF-8874] - Get rid of EasyMock in cxf-rt-rs-security-sso-oidc -* [CXF-8876] - Get rid of EasyMock in cxf-rt-transports-http-jetty -* [CXF-8877] - Get rid of EasyMock in cxf-rt-transports-http-netty-client -* [CXF-8878] - Get rid of EasyMock in cxf-rt-transports-http-netty-server -* [CXF-8890] - Get rid of EasyMock in cxf-rt-transports-http ** Bug -* [CXF-8885] - HttpClient SelectorManager threads run indefinitely causing OOM -* [CXF-8886] - JavaDocProvider does not work with JDK 17 and beyond -* [CXF-8889] - Compilation of CXF fails due to a "jakarta..." vs. "javax..." issue. -* [CXF-8892] - CXF build on Windows is broken (test failures) -* [CXF-8895] - Deadlock instead of timeout with new HttpClientHTTPConduit using large payloads -* [CXF-8896] - http client sends some strange HTTP/1.1 and HTTP/2 mix headers -* [CXF-8903] - Too many open files error in HttpClientHTTPConduit -* [CXF-8905] - TransportURIResolver doesn't honor the property setting in bus -* [CXF-8907] - java.lang.NullPointerException at AsymmetricBindingHandler.java -* [CXF-8914] - No content-length header after upgrade CXF from 3.5.6 to 3.6.1 -* [CXF-8919] - JAXRSUtils references javax.activation.Datasource -* [CXF-8920] - Can't filter when collection has attribute of type LocalDate or LocalDateTime -* [CXF-8925] - Logging twice in case of faults happening after pre-stream phase in out-chain +* [CXF-8812] - Content-Type header created with
(cxf) branch main updated: [CXF-8981] Added unit tests for key agreement method (#1715)
This is an automated email from the ASF dual-hosted git repository. ffang pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/cxf.git The following commit(s) were added to refs/heads/main by this push: new 354f09f05e [CXF-8981] Added unit tests for key agreement method (#1715) 354f09f05e is described below commit 354f09f05ef61722e9d62f5c6c4fb777d7ef9c97 Author: jrihtarsic AuthorDate: Tue Mar 5 14:55:06 2024 +0100 [CXF-8981] Added unit tests for key agreement method (#1715) * [CXF-8981] Added unit tests for key agreement method with WSS4j interceptors * Add documentation to WSS4JInOutWithAttachmentsTest * Ensure that added tests builds with JDK 11+ - Co-authored-by: RIHTARSIC Joze --- .../ws/security/wss4j/AbstractSecurityTest.java| 9 + .../cxf/ws/security/wss4j/TestPwdCallback.java | 5 + .../cxf/ws/security/wss4j/WSS4JInOutTest.java | 86 ++ .../wss4j/WSS4JInOutWithAttachmentsTest.java | 289 + .../cxf/ws/security/wss4j/edeliver-as4-clean.xml | 62 + rt/ws/security/src/test/resources/wss-ecdh.p12 | Bin 0 -> 8299 bytes .../src/test/resources/wss-ecdh.properties | 4 + 7 files changed, 455 insertions(+) diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java index 3e06e36783..d62b314520 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java @@ -171,4 +171,13 @@ public abstract class AbstractSecurityTest extends AbstractCXFTest { } } } + +protected int getJDKVersion() { +try { +return Integer.getInteger("java.specification.version", 0); +} catch (NumberFormatException ex) { +// ignore +} +return 0; +} } diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/TestPwdCallback.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/TestPwdCallback.java index eb233a9ab6..1ad166fcd8 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/TestPwdCallback.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/TestPwdCallback.java @@ -36,6 +36,11 @@ public class TestPwdCallback implements CallbackHandler { passwords.put("myalias", "myAliasPassword"); passwords.put("alice", "alicePassword"); passwords.put("username", "myAliasPassword"); +passwords.put("x448", "security"); +passwords.put("x25519", "security"); +passwords.put("secp256r1", "security"); +passwords.put("secp384r1", "security"); +passwords.put("secp521r1", "security"); } public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java index bd3488a6b3..9404bfd78f 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java @@ -55,7 +55,10 @@ import org.apache.wss4j.dom.WSDataRef; import org.apache.wss4j.dom.engine.WSSecurityEngineResult; import org.apache.wss4j.dom.handler.WSHandlerConstants; import org.apache.wss4j.dom.handler.WSHandlerResult; +import org.apache.xml.security.utils.Constants; +import org.apache.xml.security.utils.EncryptionConstants; +import org.junit.Assume; import org.junit.Test; import static org.junit.Assert.assertEquals; @@ -70,6 +73,9 @@ import static org.junit.Assert.fail; public class WSS4JInOutTest extends AbstractSecurityTest { public WSS4JInOutTest() { +// add xenc11 and dsig11 namespaces +testUtilities.addNamespace("xenc11", EncryptionConstants.EncryptionSpec11NS); +testUtilities.addNamespace("dsig11", Constants.SignatureSpec11NS); } @Test @@ -191,6 +197,86 @@ public class WSS4JInOutTest extends AbstractSecurityTest { ); } +@Test +public void testEncryptionWithAgreementMethodsX448() throws Exception { +Assume.assumeTrue(getJDKVersion() >= 16); +testEncryptionWithAgreementMethod("x448", "//dsig11:DEREncodedKeyValue"); +} + +@Test +public void testEncryptionWithAgreementMethodsX25519() throws Exception { +Assume.assumeTrue(getJDKVersion() >= 16); +testEncryptionWithAgreementMethod("x25519", "//dsig11:DEREncodedKeyValue"); +} + +@Test +public void testEncryptionWithAgreementMethodsECP256r1() throws Exception { +testEncryptionWithAgreementMethod("secp256r1",
(cxf) branch dependabot/github_actions/actions/setup-java-4.1.0 updated (b5f24a6f28 -> a10f9cfee2)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/github_actions/actions/setup-java-4.1.0 in repository https://gitbox.apache.org/repos/asf/cxf.git discard b5f24a6f28 Bump actions/setup-java from 4.0.0 to 4.1.0 add d0ac9fb5d4 CXF-8962: HttpClientHTTPConduit sets Content-Type Header for DELETE requests with empty body (#1699) add a10f9cfee2 Bump actions/setup-java from 4.0.0 to 4.1.0 This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (b5f24a6f28) \ N -- N -- N refs/heads/dependabot/github_actions/actions/setup-java-4.1.0 (a10f9cfee2) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. No new revisions were added by this update. Summary of changes: .../org/apache/cxf/transport/http/Headers.java | 2 +- .../cxf/transport/http/HttpClientHTTPConduit.java | 21 ++-- ...ontinuationServer.java => EmptyBookServer.java} | 17 - .../apache/cxf/systest/jaxrs/EmptyBookStore.java | 29 ++-- ...st.java => JAXRSClientServerEmptyBookTest.java} | 40 -- 5 files changed, 68 insertions(+), 41 deletions(-) copy systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/{BookContinuationServer.java => EmptyBookServer.java} (73%) copy rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/BaseApi.java => systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/EmptyBookStore.java (62%) copy systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/{JAXRSClientServerThrottledTest.java => JAXRSClientServerEmptyBookTest.java} (62%)
(cxf) branch dependabot/github_actions/actions/cache-4.0.1 updated (4b0e170407 -> f0037dfa08)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/github_actions/actions/cache-4.0.1 in repository https://gitbox.apache.org/repos/asf/cxf.git omit 4b0e170407 Bump actions/cache from 4.0.0 to 4.0.1 add d0ac9fb5d4 CXF-8962: HttpClientHTTPConduit sets Content-Type Header for DELETE requests with empty body (#1699) add f0037dfa08 Bump actions/cache from 4.0.0 to 4.0.1 This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (4b0e170407) \ N -- N -- N refs/heads/dependabot/github_actions/actions/cache-4.0.1 (f0037dfa08) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. No new revisions were added by this update. Summary of changes: .../org/apache/cxf/transport/http/Headers.java | 2 +- .../cxf/transport/http/HttpClientHTTPConduit.java | 21 ++-- ...ontinuationServer.java => EmptyBookServer.java} | 17 - .../apache/cxf/systest/jaxrs/EmptyBookStore.java | 29 ++-- ...st.java => JAXRSClientServerEmptyBookTest.java} | 40 -- 5 files changed, 68 insertions(+), 41 deletions(-) copy systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/{BookContinuationServer.java => EmptyBookServer.java} (73%) copy rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/BaseApi.java => systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/EmptyBookStore.java (62%) copy systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/{JAXRSClientServerThrottledTest.java => JAXRSClientServerEmptyBookTest.java} (62%)
(cxf) branch dependabot/maven/ch.qos.logback-logback-classic-1.5.3 updated (3da39dc4cd -> 3fdd39780d)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/ch.qos.logback-logback-classic-1.5.3 in repository https://gitbox.apache.org/repos/asf/cxf.git discard 3da39dc4cd Bump ch.qos.logback:logback-classic from 1.5.1 to 1.5.3 add 3fdd39780d Bump ch.qos.logback:logback-classic from 1.5.1 to 1.5.3 This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (3da39dc4cd) \ N -- N -- N refs/heads/dependabot/maven/ch.qos.logback-logback-classic-1.5.3 (3fdd39780d) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. No new revisions were added by this update. Summary of changes: